package com.example.shiro.config;

import com.example.shiro.intercept.AbstractAccessControlFilter;
import com.example.shiro.realm.ShiroRealm;
import com.example.sys.module.service.SysModuleService;
import com.example.utils.StringUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.util.ThreadContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.annotation.Resource;
import javax.servlet.Filter;
import java.util.*;

@Configuration
public class ShiroConfig {

    @Value("${shiro.unauthorizedPath}")
    private String unauthorizedPath;

    @Value("${shiro.loginPath}")
    private String loginPath;

    @Value("${shiro.successPath}")
    private String successPath;

    @Resource
    private List<AbstractAccessControlFilter> accessControlFilters = new ArrayList<>();

    @Resource
    private SysModuleService sysModuleService;

    @Resource
    private ShiroRealm shiroRealm;

    Logger logger = LoggerFactory.getLogger(getClass());

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        Map<String, Filter> filterMap = new HashMap<>();
        if (!this.accessControlFilters.isEmpty()) {
            for (AbstractAccessControlFilter accessControlFilter : this.accessControlFilters) {
                String simpleName = accessControlFilter.getClass().getSimpleName();
                filterMap.put(StringUtils.toLowerCaseFirstOne(simpleName), accessControlFilter);
            }
        }
        shiroFilterFactoryBean.setFilters(filterMap);
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setLoginUrl(loginPath);
        shiroFilterFactoryBean.setSuccessUrl(successPath);
        shiroFilterFactoryBean.setUnauthorizedUrl(unauthorizedPath);
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        /*** 系统默认匿名权限 ***/
        filterChainDefinitionMap.put("/ui/**", "anon");
        filterChainDefinitionMap.put("/anon/**", "anon");

        /*** 加载模块的权限  ****/
        this.sysModuleService.loadModuleAuthMaps(filterChainDefinitionMap);

        /**** 加载额外的权限 ****/
        //filterChainDefinitionMap.put("/sysOrgUser/view/**", "anon");

        /**** 权限结束 ****/
        filterChainDefinitionMap.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(shiroRealm);
        ThreadContext.bind(securityManager);
        return securityManager;
    }
}